CSHA1 - A C++ Class Implementation of the SHA-1 Hash Algorithm

• Download demo project (with source) - 81.2 KB
• Download CSHA1 source only - 5.6 KB

Contents

• Description of the Secure Hash Algorithm SHA-1
• CSHA1 Class Description
• CSHA1 Usage Samples: Hashing Binary Data and Strings
• CSHA1 Usage Samples: Hashing Files
• References
• Version History

Description of the Secure Hash Algorithm SHA-1

The Secure Hash Algorithm SHA-1 is a cryptographically secure one-way hash algorithm. It was designed by the NIST (National Institute of Standards and Technology), along with the NSA (National Security Agency). SHA-1 is based on the Message Digest MD4 algorithm design principles by Ronald L. Rivest of MIT.

Well, I think I don't have to explain what you can do with cryptographic hash algorithms. For an example what you can do with such algorithms, see this CodeProject article (CMD5 class).

For more information about SHA-1, see references [1] and [2].

CSHA1 Class Description

The CSHA1 class is an easy-to-use class for the SHA-1 hash algorithm.

If you want to test if your implementation of the class is working, try the test vectors in the 'TestVectors' directory in the demo zip file. You can find the correct hash values in the header file of the CSHA1 class.

Class members of the CSHA1 class:

• C++

  void Reset();

  This member function resets the class. You have to call this method when using CSHA1 more than one time. This method is called automatically in the constructor and the destructor of the class so if you only hash one single data stream you don't need to call Reset() manually.

• C++

  void Update(const UINT_8* pbData, UINT_32 uLen);

  Use this method to hash in a data stream. Data in pbData, number of bytes in uLen.

• C++

  bool HashFile(const TCHAR* tszFileName);

  This method hashes file contents into the current state. If hashing was successful, the method returns true, otherwise false. If you use this member function, you don't need to make any call to the Update(...) method. After HashFile(...) you should call the Final() method immediately. You have to call Final() before getting the message digest of the file using the methods ReportHash(...) and GetHash(...).

• C++

  void Final();

  When you have hashed in all data to hash, call this method. This will compute the final SHA-1 message digest and it is therefore needed to call this method before ReportHash(...) and GetHash(...).

• C++

  bool ReportHash(TCHAR* tszReport, REPORT_TYPE rtReportType = REPORT_HEX) const;

  After calling the Final method you can get the message digest using this method. The result is stored as string in tszReport. Valid format types for uReportType are REPORT_HEX, REPORT_DIGIT and REPORT_HEX_SHORT. If you use REPORT_HEX the returned string looks like 5F A9 FB 34..., using REPORT_DIGIT this method returns the message digest in the form 129 67 5 98... . REPORT_HEX_SHORT is the same as REPORT_HEX, just without separating spaces.

• C++

  bool GetHash(UINT_8* pbDest20) const;

  If you don't want to get the hash in a pre-formatted string using ReportHash, you can use this method. This method copies the final message digest (call Final before!) to pbDest20. pbDest20 must be able to hold at least 20 bytes (SHA-1 produces a 160-bit / 20-byte hash).

Hashing Binary Data and Strings

CSHA1 sha1;
sha1.Update(string0, strlen(string0));
sha1.Update(string1, strlen(string1));
sha1.Update(binary2, uSizeOfBufferBinary2);
sha1.Update(binary3, uSizeOfBufferBinary3);
sha1.Final();

sha1.ReportHash(szReport, CSHA1::REPORT_HEX_SHORT);
// or
sha1.GetHash(binaryArray);

I will comment each line of the example above now.

First declare an instance of the CSHA1 class:

CSHA1 sha1;

Now hash in the data like this:

sha1.Update((UINT_8*)szString, strlen(szString));

You can call this method as often as you wish.

When you hashed in all data, call the Final() member function:

sha1.Final();

If you want to get the final message digest as a pre-formatted string use this:

sha1.ReportHash(szReport, CSHA1::REPORT_HEX_SHORT);

If you want to get the final message digest in "raw form":

sha1.GetHash(binaryArray); // Get the raw message digest bytes

Hashing Files

Hashing files is the same process as hashing strings and binary data but instead of using the Update method you use the HashFile member function of the class.

For more comments see the string/binary data hashing example above.

CSHA1 sha1;
sha1.HashFile("TheFile.cpp"); // Hash in the contents of the file
                              // 'TheFile.cpp'
sha1.Final();

sha1.ReportHash(szReport, CSHA1::REPORT_HEX); // Get final hash as
                                              // pre-formatted string
// or
sha1.GetHash(binaryArray); // Get the raw message digest bytes to a
                           // temporary buffer

References

[1] RFC 3174: US Secure Hash Algorithm 1 (SHA1).
[2] Bruce Schneier, Applied Cryptography, pages 442-445.

Version History

• Version 2.1 - 2012-06-19
  • Deconstructor (resetting internal variables) is now only implemented if SHA1_WIPE_VARIABLES is defined (which is the default).
  • Renamed inclusion guard to contain a GUID.
  • Demo application is now using C++/STL objects and functions.
  • Unicode build of the demo application now outputs the hashes of both the ANSI and Unicode representations of strings.
  • Various other demo application improvements.
• Version 2.0 - 2012-06-14
  • Added 'limits.h' include.
  • Renamed inclusion guard and macros for compliancy (names beginning with an underscore are reserved).
• Version 1.9 - 2011-11-10
  • Added Unicode test vectors.
  • Improved support for hashing files using the HashFile method that are larger than 4 GB.
  • Improved file hashing performance (by using a larger buffer).
  • Disabled unnecessary compiler warnings.
  • Internal variables are now private.
• Version 1.8 - 2009-03-16
  • Converted project files to Visual Studio 2008 format.
  • Added Unicode support for HashFile utility method.
  • Added support for hashing files using the HashFile method that are larger than 2 GB.
  • HashFile now returns an error code instead of copying an error message into the output buffer.
  • GetHash now returns an error code and validates the input parameter.
  • Added ReportHashStl STL utility method.
  • Added REPORT_HEX_SHORT reporting mode.
  • Improved Linux compatibility of test program.
• Version 1.7 - 2006-12-21
  • Fixed buffer underrun warning that appeared when compiling with Borland C Builder (thanks to Rex Bloom and Tim Gallagher for the patch).
  • Breaking change: ReportHash writes the final hash to the start of the buffer, i.e. it's not appending it to the string anymore.
  • Made some function parameters const.
  • Added Visual Studio 2005 project files to demo project.
• Version 1.6 - 2005-02-07
  • You can set the endianness in your files, no need to modify the header file of the CSHA1 class anymore.
  • Aligned data support.
  • Made support/compilation of the utility functions (ReportHash and HashFile) optional (useful when bytes count, for example in embedded environments).
  • Thanks to Howard Kapustein for patches.
• Version 1.5 - 2005-01-01
  • 64-bit compiler compatibility added.
  • Made variable wiping optional (define SHA1_WIPE_VARIABLES).
  • Removed unnecessary variable initializations.
  • ROL32 improvement for the Microsoft compiler (using _rotl).
• Version 1.4 - 2004-07-22
  • CSHA1 now compiles fine with GCC 3.3 under Mac OS X (thanks to Larry Hastings).
• Version 1.3 - 2003-08-17
  • Fixed a small memory bug and made a buffer array a class member to ensure correct working when using multiple CSHA1 class instances at one time.
• Version 1.2 - 2002-11-16
  • Borlands C++ compiler seems to have problems with string addition using sprintf. Fixed the bug which caused the digest report function not to work properly. CSHA1 is now Borland compatible.
• Version 1.1 - 2002-10-11
  • Removed two unnecessary header file includes and changed BOOL to bool. Fixed some minor bugs in the web page contents.
• Version 1.0 - 2002-06-20
  • First official release.

That's it! Happy hashing!